Date: Sun, 15 Mar 2020 13:17:14 +0700 From: Victor Sudakov <vas@sibptus.ru> To: freebsd-questions@freebsd.org Subject: Re: Centralized user/group/whatever management Message-ID: <20200315061714.GC64075@admin.sibptus.ru> In-Reply-To: <fc467be1-6a08-9492-7b07-1ee05dc068ed@dewberryfields.co.uk> References: <20200313091923.GA98495@admin.sibptus.ru> <20200313143130.GA68871@geeks.org> <96ed1afa-e0e1-51a2-997b-e95097a1d0b4@gmx.net> <20200314060747.GH27346@admin.sibptus.ru> <fc467be1-6a08-9492-7b07-1ee05dc068ed@dewberryfields.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
--1SQmhf2mF2YjsYvc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Michael Howard via freebsd-questions wrote: > > > > > Do you think there exists a modern solution for centralized user/= group/... > > > > > management compatible with FreeBSD and Linux? > > > > I think the best combination is probably a Windows AD setup, with > > > > FreeBSD/Linux clients attaching to it. (Although I still do externa= l DNS > > > > importing the AD objects into it, really can't stand windows DNS). > > > >=20 > > > > This does work really seamless, the GUI tools are well utilized. > > > >=20 > > > > It really gets you the hard part (LDAP, Kerberos) in a pretty easy = to > > > > use package. I don't know how many hours I've spent on OpenLDAP > > > > getting it to work with things, and management packages for OpenLDAP > > > > are pretty sucky overall. > > > I agree here with Doug, as strange as it sounds, Samba is your best b= et. > > > When you provision your domain you shall enable the POSIX extensions.= It > > > will create all GECOS stuff. pam_winbind is also nice. > > So pam_winbind it is, if you want to use AD for user/group management? > > Does winbindd not crash any more under FreeBSD? > >=20 > > Do you need to also enable winbind somehow in nsswitch.conf? > >=20 > > > One must simply admit that Active Directory is a wellthought system n= ot > > > just for Unix. You may join your machines either with Samba, more eas= ily > > > with msktutil (disclainer, I am a maintainer) with works flawlessly on > > > FreeBSD. > > I'll certainly look at it if I have to integrate FreeBSD into Windows A= D. > >=20 > > However first I'd like to find a free, open source solution for a > > Unix-only office. Hope it will not eventually come to buying a Windows > > server to manage Linux and FreeBSD workstations. > >=20 > Samba is free and open source. Absolutely no need to buy MS Windows. What do you mean by "Samba" in this context? A centralized user/group management server? A centralized user/group management client?=20 --=20 Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/ --1SQmhf2mF2YjsYvc Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJebchqAAoJEA2k8lmbXsY04ysIALext+tT5JLXBcNNGxCtmu+5 XbfwRol7p+/CZUajB+TEqsk1A+NX2eBWDQjoix5/CEAbH5LWlv3v7SsFTo08BGz7 Mx2v7FKAV8jm9aJWC1ZxUQ4lku/+pvTRGVsZXGiaWXP5V/V3Gms2rIhfNS/g0cKv 2IFwDQKKpClVMTySyOWqqjwesl28TWuT9uIEz5VCT4yHEYoPdpMSVIGVkc13UJK3 zZdJig2EF9ctfH/HqOqH6iXCeyjKJueUCug/avdKv5IBHGWSbTy63nzyS7oducMn tJK2r/yFT03aEKDCQ1yRa7worpOyOMfOCLrr9/JW/I4qg2F+gM286S3pLb+rSKs= =Q23o -----END PGP SIGNATURE----- --1SQmhf2mF2YjsYvc--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200315061714.GC64075>